Abstract:
A technique to detect malware on a mobile device which stores a virtual machine image involves establishing a connection from an electronic malware detection apparatus to the mobile device, the electronic malware detection apparatus being external to the mobile device. The technique further involves transferring mobile device data from the mobile device to the electronic malware detection apparatus through the connection to form a copy of the virtual machine image within the electronic malware detection apparatus. The technique further involves performing, by the electronic detection apparatus, a set of malware detection operations on the copy of the virtual machine image to determine whether the mobile device is infected with malware.
Abstract:
Improved techniques of identifying a malicious communication involve a lightweight evaluator obtaining a domain name directly from a network transmission. The lightweight evaluator performs a query of the domain name on a database of known network transactions. Results of the query include IP addresses to which the domain name has resolved in prior transactions and Time To Live (TTL) values for each of those IP addresses. To such results of the query, the lightweight evaluator applies a set of heuristics which are arranged to determine whether the domain name could plausibly be a fast-flux domain name (FFDN). Based on the result of the application of the heuristics to the domain name, the lightweight evaluator sends to a backend evaluator the domain name and a command to confirm whether the domain name is an FFDN.
Abstract:
A method includes (a) receiving, at a computing device, a first certificate signing request (1CSR) from a certificate authority (CA), the 1CSR including an embedded second certificate signing request (2CSR), the 2CSR having been received by the CA from an entity seeking a signed certificate from the CA that validates an identity claim made by the entity in the 2CSR, the CA having performed a preliminary verification of the 2CSR prior to embedding it in the 1CSR, (b) verifying that the 1CSR came from the CA, (c) performing a verification procedure on the embedded 2CSR independent of the preliminary verification performed by the CA, to validate the identity claim made by the entity in the 2CSR, and (d) upon successfully validating the identity claim made by the entity in the 2CSR, sending a certificate to the CA, the certificate validating the identity claim made by the entity in the 2CSR.
Abstract:
A server is configured to communicate with a group of clients over a network. Each of the clients obtains a corresponding informational message comprising security-related information such as an indication of compromise (IOC), inserts noise in the informational message to generate an anonymized message, and communicates the anonymized message to the server. The anonymized messages communicated by the respective clients to the server may be configured so as to prevent the server from identifying any individual client associated with a particular one of the anonymized messages, while also allowing the server to extract from the anonymized messages collectively one or more characteristics of the underlying informational messages. A given client may insert noise in an informational message by, for example, selecting a noise value from a specified range of noise values, and combining the informational message and the selected noise value to generate the anonymized message.
Abstract:
An improved technique involves generating an encoded representation of encrypted forms of a message which includes an institution's digital signature derived from the message. The institution sends the encoded representation to the user's computer. The user transfers an image of the encoded representation from the user's computer to a separate hand-held device. The user then derives the encrypted forms of the message and the institution's digital signature by decoding the image on the hand-held device; the user then decrypts the encrypted forms of the message and the institution's digital signature on the hand-held device. The user then sees the message without interference from an intrusive agent in a man-in-the-browser (MitB) attack. Further, the user can verify the institution's identity as the sender of the message by being able to validate the institution's digital signature. In this way, a MitB attack is very likely to be made apparent to the user.
Abstract:
A server is configured to communicate with a group of clients over a network in one embodiment. The server maps the group of clients into a plurality of subgroups of bounded size, and communicates to a given one of the clients information identifying the particular subgroup to which that client belongs as well as the other clients in that subgroup. The given client utilizes the communicated information to generate a ring signature over the corresponding subgroup of clients. The subgroup size may be bounded to a minimum size and a maximum size in accordance with a variable privacy parameter. The server can increase or decrease the value of the parameter in order to provide respectively increased or decreased privacy to the clients, by making it respectively more or less difficult to determine which client in a corresponding one of the subgroups produced the received ring signature.
Abstract:
A technique of authenticating a person involves obtaining, during a current authentication session to authenticate the person, a first authentication factor from the person and a second authentication factor from the person, at least one of the first and second authentication factors being a biometric input. The technique further involves performing an authentication operation which cross-references the first authentication factor with the second authentication factor. The technique further involves outputting, as a result of the authentication operation, an authentication result signal indicating whether the authentication operation has determined the person in the current authentication session to be likely legitimate or likely an imposter. Such authentication, which cross-references authentication factors to leverage their interdependency, provides stronger authentication than conventional naïve authentication.
Abstract:
A method performed by a first computing device is disclosed. The method includes (a) establishing a proximity-based communications channel between the first computing device and a second computing device, one of the first device and the second device being a mobile device, (b) sending a request for authentication of identity of a remote entity from the first device to the second device, the remote entity being in possession of the second device, (c) receiving, at the first device, from the second device, an identity assertion that the remote entity is authentically identified by an identifier, the identity assertion's truth being conditional on a proximity-based condition, (d) verifying, at the first device, that the proximity-based condition is satisfied, and (e) in response to verifying, validating the identifier of the remote entity. An apparatus and computer program product for carrying out the method are also provided.
Abstract:
An improved technique of providing computer code to a set of client computers is disclosed. In the improved technique, a set of files is generated, each file in the set of files including computer code configured to be read by an interpreter on each client computer, the computer code in each file including a set of functions, each function in the set of functions having a name, the name of a function in the set of functions in a first file in the set of files differing from the name of a corresponding function in the set of functions in a second file in the set of files, the computer code in the first file and the computer code in the second file being constructed and arranged to produce functionally equivalent sets of computer instructions when run through the interpreter on each client computer.
Abstract:
A technique provides user authentication. The technique involves generating a pointer data profile entry in a pointer data profile database, the pointer data profile entry having a pointer data profile which is based on first pointer data obtained during a first user session. Such pointer data can be collected from a standard pointing device such as an electronic mouse, a touch-based track pad, a trackball, a scroll wheel, etc. The technique further involves receiving new pointer data during a second user session, and performing an authentication operation based on (i) the pointer data profile entry in the pointer data profile database and (ii) the new pointer data to determine whether the user providing the first pointer data during the first user session and the user providing the new pointer data during the second user session are the same person.